Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/113?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/113?format=api", "purl": "pkg:generic/postgresql@15.0.0", "type": "generic", "namespace": "", "name": "postgresql", "version": "15.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "15.2.0", "latest_non_vulnerable_version": "18.2.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3517?format=api", "vulnerability_id": "VCID-3kph-5gzq-ryhu", "summary": "Row security policies disregard user ID changes after inliningmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2455.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2455.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2455", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.4378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43756", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45238", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45464", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45414", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45331", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45338", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45277", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45175", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45369", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45424", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45447", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45417", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45418", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45469", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2455" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2455", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2455" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-153-148-1311-1215-and-1120-released-2637/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-153-148-1311-1215-and-1120-released-2637/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-2455/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N']" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:13:19Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-2455/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207569", "reference_id": "2207569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207569" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-2455", "reference_id": "CVE-2023-2455", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:13:19Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-2455" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230706-0006/", "reference_id": "ntap-20230706-0006", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T17:13:19Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230706-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3714", "reference_id": "RHSA-2023:3714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4313", "reference_id": "RHSA-2023:4313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4313" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4327", "reference_id": "RHSA-2023:4327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4527", "reference_id": "RHSA-2023:4527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4535", "reference_id": "RHSA-2023:4535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4539", "reference_id": "RHSA-2023:4539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4539" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5269", "reference_id": "RHSA-2023:5269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7545", "reference_id": "RHSA-2023:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7580", "reference_id": "RHSA-2023:7580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7666", "reference_id": "RHSA-2023:7666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7667", "reference_id": "RHSA-2023:7667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7694", "reference_id": "RHSA-2023:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7695", "reference_id": "RHSA-2023:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7772", "reference_id": "RHSA-2023:7772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "reference_url": "https://usn.ubuntu.com/6104-1/", "reference_id": "USN-6104-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6104-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/155?format=api", "purl": "pkg:generic/postgresql@15.3.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.3.0" } ], "aliases": [ "CVE-2023-2455" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kph-5gzq-ryhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3497?format=api", "vulnerability_id": "VCID-4d43-twjt-v7hs", "summary": "PostgreSQL oidvector discloses a few bytes of memorymore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2003.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2003.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04814", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04822", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04865", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04848", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04866", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04921", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04904", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06496", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06326", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06351", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06363", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0638", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06308", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2003" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2003/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N']" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T14:33:29Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2003/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439322", "reference_id": "2439322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/118?format=api", "purl": "pkg:generic/postgresql@15.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/117?format=api", "purl": "pkg:generic/postgresql@16.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2003" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4d43-twjt-v7hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3518?format=api", "vulnerability_id": "VCID-5py6-fe2j-d3f4", "summary": "CREATE SCHEMA ... schema_element defeats protective search_path changesmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2454.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2454.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2454", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45587", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45609", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46307", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.4615", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46244", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46299", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46288", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46216", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47631", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47627", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47651", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47636", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47694", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47686", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2455", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2455" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-153-148-1311-1215-and-1120-released-2637/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-153-148-1311-1215-and-1120-released-2637/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-2454/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-06T17:13:48Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-2454/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207568", "reference_id": "2207568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207568" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-2454", "reference_id": "CVE-2023-2454", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-06T17:13:48Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-2454" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230706-0006/", "reference_id": "ntap-20230706-0006", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-06T17:13:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230706-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3714", "reference_id": "RHSA-2023:3714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4313", "reference_id": "RHSA-2023:4313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4313" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4327", "reference_id": "RHSA-2023:4327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4527", "reference_id": "RHSA-2023:4527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4535", "reference_id": "RHSA-2023:4535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4539", "reference_id": "RHSA-2023:4539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4539" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5269", "reference_id": "RHSA-2023:5269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7545", "reference_id": "RHSA-2023:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7580", "reference_id": "RHSA-2023:7580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7666", "reference_id": "RHSA-2023:7666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7667", "reference_id": "RHSA-2023:7667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7694", "reference_id": "RHSA-2023:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7695", "reference_id": "RHSA-2023:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7772", "reference_id": "RHSA-2023:7772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "reference_url": "https://usn.ubuntu.com/6104-1/", "reference_id": "USN-6104-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6104-1/" }, { "reference_url": "https://usn.ubuntu.com/6230-1/", "reference_id": "USN-6230-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6230-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/155?format=api", "purl": "pkg:generic/postgresql@15.3.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.3.0" } ], "aliases": [ "CVE-2023-2454" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5py6-fe2j-d3f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3510?format=api", "vulnerability_id": "VCID-621d-wrrx-n7ae", "summary": "Restrict visibility of \"pg_stats_ext\" and \"pg_stats_ext_exprs\" entries to the table ownermore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4317.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4317.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4317", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41017", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.40944", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41162", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.4128", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41167", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41081", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43564", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43624", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43614", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4361", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43563", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43526", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43577", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43592", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4358", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4317" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-163-157-1412-1315-and-1219-released-2858/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-163-157-1412-1315-and-1219-released-2858/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-4317/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T13:20:02Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-4317/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279935", "reference_id": "2279935", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279935" }, { "reference_url": "https://security.gentoo.org/glsa/202408-06", "reference_id": "GLSA-202408-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5927", "reference_id": "RHSA-2024:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5929", "reference_id": "RHSA-2024:5929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6001", "reference_id": "RHSA-2024:6001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6020", "reference_id": "RHSA-2024:6020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6142", "reference_id": "RHSA-2024:6142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6142" }, { "reference_url": "https://usn.ubuntu.com/6802-1/", "reference_id": "USN-6802-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6802-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/145?format=api", "purl": "pkg:generic/postgresql@15.7.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/144?format=api", "purl": "pkg:generic/postgresql@16.3.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.3.0" } ], "aliases": [ "CVE-2024-4317" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-621d-wrrx-n7ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3507?format=api", "vulnerability_id": "VCID-66hr-98m2-a3gc", "summary": "PostgreSQL libpq retains an error message from man-in-the-middlemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57028", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57033", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57052", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57034", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.56982", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.571", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57127", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57129", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57141", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57128", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57123", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57102", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10977" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10977/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:39Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10977/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326258", "reference_id": "2326258", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326258" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/139?format=api", "purl": "pkg:generic/postgresql@15.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/138?format=api", "purl": "pkg:generic/postgresql@16.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10977" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66hr-98m2-a3gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3502?format=api", "vulnerability_id": "VCID-6fq5-826e-fkeq", "summary": "PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child tablemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09307", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09454", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09305", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09358", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09408", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09393", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09441", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10356", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1044", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10412", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10423", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14634", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14499", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8713" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-8713/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-14T19:50:52Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-8713/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388550", "reference_id": "2388550", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14869", "reference_id": "RHSA-2025:14869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14870", "reference_id": "RHSA-2025:14870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14878", "reference_id": "RHSA-2025:14878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15013", "reference_id": "RHSA-2025:15013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15014", "reference_id": "RHSA-2025:15014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15015", "reference_id": "RHSA-2025:15015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15031", "reference_id": "RHSA-2025:15031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15057", "reference_id": "RHSA-2025:15057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15062", "reference_id": "RHSA-2025:15062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15114", "reference_id": "RHSA-2025:15114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15359", "reference_id": "RHSA-2025:15359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15359" }, { "reference_url": "https://usn.ubuntu.com/7741-1/", "reference_id": "USN-7741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/127?format=api", "purl": "pkg:generic/postgresql@15.14.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/126?format=api", "purl": "pkg:generic/postgresql@16.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/125?format=api", "purl": "pkg:generic/postgresql@17.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.6.0" } ], "aliases": [ "CVE-2025-8713" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fq5-826e-fkeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3495?format=api", "vulnerability_id": "VCID-7asd-nhem-wbbr", "summary": "PostgreSQL pgcrypto heap buffer overflow executes arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2005.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2005.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07719", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07744", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07832", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07788", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07865", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10068", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10057", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10035", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0998", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09915", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10079", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2005" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2005/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T04:56:32Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2005/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439326", "reference_id": "2439326", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4024", "reference_id": "RHSA-2026:4024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4064", "reference_id": "RHSA-2026:4064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4074", "reference_id": "RHSA-2026:4074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4075", "reference_id": "RHSA-2026:4075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4475", "reference_id": "RHSA-2026:4475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4504", "reference_id": "RHSA-2026:4504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4505", "reference_id": "RHSA-2026:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4506", "reference_id": "RHSA-2026:4506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4509", "reference_id": "RHSA-2026:4509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4516", "reference_id": "RHSA-2026:4516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4518", "reference_id": "RHSA-2026:4518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4524", "reference_id": "RHSA-2026:4524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4528", "reference_id": "RHSA-2026:4528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/118?format=api", "purl": "pkg:generic/postgresql@15.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/117?format=api", "purl": "pkg:generic/postgresql@16.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2005" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7asd-nhem-wbbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3506?format=api", "vulnerability_id": "VCID-8da2-zhsq-j7c4", "summary": "PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user IDmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10978.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10978.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69948", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69927", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.6993", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69905", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69786", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69865", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.6985", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69836", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69877", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69867", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10978" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10978/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N']" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:38Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10978/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326251", "reference_id": "2326251", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326251" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10785", "reference_id": "RHSA-2024:10785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10787", "reference_id": "RHSA-2024:10787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10788", "reference_id": "RHSA-2024:10788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10791", "reference_id": "RHSA-2024:10791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10830", "reference_id": "RHSA-2024:10830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10831", "reference_id": "RHSA-2024:10831", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10832", "reference_id": "RHSA-2024:10832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10832" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/139?format=api", "purl": "pkg:generic/postgresql@15.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/138?format=api", "purl": "pkg:generic/postgresql@16.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10978" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8da2-zhsq-j7c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3509?format=api", "vulnerability_id": "VCID-ah54-w11h-eqef", "summary": "PostgreSQL relation replacement during pg_dump executes arbitrary SQLmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7348.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7348.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7348", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.7312", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72995", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73009", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73033", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73012", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73006", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73047", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73057", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73092", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72962", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72982", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.72958", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73504", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73501", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73459", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73492", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7348" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-7348/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-09T18:15:41Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-7348/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303682", "reference_id": "2303682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303682" }, { "reference_url": "https://security.gentoo.org/glsa/202409-02", "reference_id": "GLSA-202409-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5927", "reference_id": "RHSA-2024:5927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5929", "reference_id": "RHSA-2024:5929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5999", "reference_id": "RHSA-2024:5999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6000", "reference_id": "RHSA-2024:6000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6001", "reference_id": "RHSA-2024:6001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6018", "reference_id": "RHSA-2024:6018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6020", "reference_id": "RHSA-2024:6020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6137", "reference_id": "RHSA-2024:6137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6138", "reference_id": "RHSA-2024:6138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6139", "reference_id": "RHSA-2024:6139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6140", "reference_id": "RHSA-2024:6140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6141", "reference_id": "RHSA-2024:6141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6142", "reference_id": "RHSA-2024:6142", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6142" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6144", "reference_id": "RHSA-2024:6144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6145", "reference_id": "RHSA-2024:6145", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6145" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6557", "reference_id": "RHSA-2024:6557", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6558", "reference_id": "RHSA-2024:6558", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6559", "reference_id": "RHSA-2024:6559", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6559" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8495", "reference_id": "RHSA-2024:8495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8495" }, { "reference_url": "https://usn.ubuntu.com/6968-1/", "reference_id": "USN-6968-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6968-1/" }, { "reference_url": "https://usn.ubuntu.com/6968-2/", "reference_id": "USN-6968-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6968-2/" }, { "reference_url": "https://usn.ubuntu.com/6968-3/", "reference_id": "USN-6968-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6968-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/142?format=api", "purl": "pkg:generic/postgresql@15.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/141?format=api", "purl": "pkg:generic/postgresql@16.4.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.4.0" } ], "aliases": [ "CVE-2024-7348" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ah54-w11h-eqef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3494?format=api", "vulnerability_id": "VCID-b13k-m1w4-1faz", "summary": "PostgreSQL missing validation of multibyte character length executes arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2006.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09681", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09828", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0975", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09874", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09821", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11669", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11765", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11733", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11694", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11616", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11531", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12386", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2006" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2006/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T04:56:31Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2006/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439324", "reference_id": "2439324", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4024", "reference_id": "RHSA-2026:4024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4064", "reference_id": "RHSA-2026:4064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4074", "reference_id": "RHSA-2026:4074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4075", "reference_id": "RHSA-2026:4075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4475", "reference_id": "RHSA-2026:4475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4504", "reference_id": "RHSA-2026:4504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4505", "reference_id": "RHSA-2026:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4506", "reference_id": "RHSA-2026:4506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4509", "reference_id": "RHSA-2026:4509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4516", "reference_id": "RHSA-2026:4516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4518", "reference_id": "RHSA-2026:4518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4524", "reference_id": "RHSA-2026:4524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4528", "reference_id": "RHSA-2026:4528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/118?format=api", "purl": "pkg:generic/postgresql@15.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/117?format=api", "purl": "pkg:generic/postgresql@16.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2006" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b13k-m1w4-1faz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3503?format=api", "vulnerability_id": "VCID-dck8-zvk3-q7f8", "summary": "PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validationmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55554", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55641", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55569", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55586", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55561", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55507", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55594", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55646", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5562", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55661", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4207" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-4207/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H']" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:52:17Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-4207/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365111", "reference_id": "2365111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365111" }, { "reference_url": "https://security.archlinux.org/AVG-2875", "reference_id": "AVG-2875", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14826", "reference_id": "RHSA-2025:14826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14899", "reference_id": "RHSA-2025:14899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15021", "reference_id": "RHSA-2025:15021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15022", "reference_id": "RHSA-2025:15022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15022" }, { "reference_url": "https://usn.ubuntu.com/7520-1/", "reference_id": "USN-7520-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7520-1/" }, { "reference_url": "https://usn.ubuntu.com/7520-2/", "reference_id": "USN-7520-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7520-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/131?format=api", "purl": "pkg:generic/postgresql@15.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/130?format=api", "purl": "pkg:generic/postgresql@16.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/129?format=api", "purl": "pkg:generic/postgresql@17.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.5.0" } ], "aliases": [ "CVE-2025-4207" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dck8-zvk3-q7f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3512?format=api", "vulnerability_id": "VCID-dqcu-ceuq-wbb7", "summary": "MERGE fails to enforce UPDATE or SELECT row security policiesmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39418.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39418.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39418", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.6319", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.6313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63165", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63172", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63175", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63199", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63154", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63189", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63117", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63081", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63133", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63168", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63153", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39418" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-39418/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-39418/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228112", "reference_id": "2228112", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228112" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3", "reference_id": "cpe:/a:redhat:rhel_software_collections:3", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-39418", "reference_id": "CVE-2023-39418", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-39418" }, { "reference_url": "https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229", "reference_id": "?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7785", "reference_id": "RHSA-2023:7785", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7883", "reference_id": "RHSA-2023:7883", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7884", "reference_id": "RHSA-2023:7884", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7885", "reference_id": "RHSA-2023:7885", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:31:10Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "reference_url": "https://usn.ubuntu.com/6296-1/", "reference_id": "USN-6296-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6296-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/150?format=api", "purl": "pkg:generic/postgresql@15.4.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.4.0" } ], "aliases": [ "CVE-2023-39418" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dqcu-ceuq-wbb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3515?format=api", "vulnerability_id": "VCID-dwqe-a6p3-tyf6", "summary": "Buffer overrun from integer overflow in array modificationmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5869.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5869.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81863", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81763", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81745", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81783", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81784", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81841", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81716", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81713", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81739", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01608", "scoring_system": "epss", "scoring_elements": "0.81744", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01652", "scoring_system": "epss", "scoring_elements": "0.82055", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01652", "scoring_system": "epss", "scoring_elements": "0.82078", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01652", "scoring_system": "epss", "scoring_elements": "0.82089", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01652", "scoring_system": "epss", "scoring_elements": "0.82093", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-5869/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-5869/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056283", "reference_id": "1056283", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169", "reference_id": "2247169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169" }, { "reference_url": "https://security.gentoo.org/glsa/202408-06", "reference_id": "GLSA-202408-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7545", "reference_id": "RHSA-2023:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7579", "reference_id": "RHSA-2023:7579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7580", "reference_id": "RHSA-2023:7580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7581", "reference_id": "RHSA-2023:7581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7616", "reference_id": "RHSA-2023:7616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7656", "reference_id": "RHSA-2023:7656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7666", "reference_id": "RHSA-2023:7666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7667", "reference_id": "RHSA-2023:7667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7694", "reference_id": "RHSA-2023:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7695", "reference_id": "RHSA-2023:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7714", "reference_id": "RHSA-2023:7714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7770", "reference_id": "RHSA-2023:7770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7771", "reference_id": "RHSA-2023:7771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7772", "reference_id": "RHSA-2023:7772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7778", "reference_id": "RHSA-2023:7778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7783", "reference_id": "RHSA-2023:7783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7784", "reference_id": "RHSA-2023:7784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7785", "reference_id": "RHSA-2023:7785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7786", "reference_id": "RHSA-2023:7786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7788", "reference_id": "RHSA-2023:7788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7789", "reference_id": "RHSA-2023:7789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7790", "reference_id": "RHSA-2023:7790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7878", "reference_id": "RHSA-2023:7878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7883", "reference_id": "RHSA-2023:7883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7884", "reference_id": "RHSA-2023:7884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7885", "reference_id": "RHSA-2023:7885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0304", "reference_id": "RHSA-2024:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0332", "reference_id": "RHSA-2024:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0337", "reference_id": "RHSA-2024:0337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "reference_url": "https://usn.ubuntu.com/6538-1/", "reference_id": "USN-6538-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6538-1/" }, { "reference_url": "https://usn.ubuntu.com/6538-2/", "reference_id": "USN-6538-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6538-2/" }, { "reference_url": "https://usn.ubuntu.com/6570-1/", "reference_id": "USN-6570-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6570-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153?format=api", "purl": "pkg:generic/postgresql@15.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/152?format=api", "purl": "pkg:generic/postgresql@16.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.1.0" } ], "aliases": [ "CVE-2023-5869" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dwqe-a6p3-tyf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3499?format=api", "vulnerability_id": "VCID-fck5-tfaf-5kbx", "summary": "PostgreSQL CREATE STATISTICS does not check for schema CREATE privilegemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12817.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12817.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12817", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16158", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1612", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16236", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16102", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16169", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16954", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18916", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19009", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18997", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18953", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18832", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.2948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29555", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29376", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.2944", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12817" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12817" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-12817/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L']" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T13:59:49Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-12817/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414825", "reference_id": "2414825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22728", "reference_id": "RHSA-2025:22728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23022", "reference_id": "RHSA-2025:23022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23023", "reference_id": "RHSA-2025:23023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0262", "reference_id": "RHSA-2026:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0263", "reference_id": "RHSA-2026:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0264", "reference_id": "RHSA-2026:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0265", "reference_id": "RHSA-2026:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0266", "reference_id": "RHSA-2026:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0267", "reference_id": "RHSA-2026:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0268", "reference_id": "RHSA-2026:0268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0269", "reference_id": "RHSA-2026:0269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0270", "reference_id": "RHSA-2026:0270", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0270" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0455", "reference_id": "RHSA-2026:0455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0456", "reference_id": "RHSA-2026:0456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0491", "reference_id": "RHSA-2026:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0492", "reference_id": "RHSA-2026:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0493", "reference_id": "RHSA-2026:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0519", "reference_id": "RHSA-2026:0519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0523", "reference_id": "RHSA-2026:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0524", "reference_id": "RHSA-2026:0524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0525", "reference_id": "RHSA-2026:0525", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/7908-1/", "reference_id": "USN-7908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7908-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/123?format=api", "purl": "pkg:generic/postgresql@15.15.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/122?format=api", "purl": "pkg:generic/postgresql@16.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/121?format=api", "purl": "pkg:generic/postgresql@17.7.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/120?format=api", "purl": "pkg:generic/postgresql@18.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.1.0" } ], "aliases": [ "CVE-2025-12817" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fck5-tfaf-5kbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3501?format=api", "vulnerability_id": "VCID-h5sa-959y-6fh4", "summary": "PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql clientmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07776", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07908", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07892", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07878", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07837", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07885", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07839", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07921", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08709", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08705", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0875", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11986", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11852", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8714" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-8714/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-15T03:55:55Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-8714/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388553", "reference_id": "2388553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14826", "reference_id": "RHSA-2025:14826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14869", "reference_id": "RHSA-2025:14869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14870", "reference_id": "RHSA-2025:14870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14878", "reference_id": "RHSA-2025:14878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14899", "reference_id": "RHSA-2025:14899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15006", "reference_id": "RHSA-2025:15006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15012", "reference_id": "RHSA-2025:15012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15013", "reference_id": "RHSA-2025:15013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15014", "reference_id": "RHSA-2025:15014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15015", "reference_id": "RHSA-2025:15015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15021", "reference_id": "RHSA-2025:15021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15022", "reference_id": "RHSA-2025:15022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15031", "reference_id": "RHSA-2025:15031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15034", "reference_id": "RHSA-2025:15034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15057", "reference_id": "RHSA-2025:15057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15062", "reference_id": "RHSA-2025:15062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15114", "reference_id": "RHSA-2025:15114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15115", "reference_id": "RHSA-2025:15115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15359", "reference_id": "RHSA-2025:15359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15361", "reference_id": "RHSA-2025:15361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16099", "reference_id": "RHSA-2025:16099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16099" }, { "reference_url": "https://usn.ubuntu.com/7741-1/", "reference_id": "USN-7741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/127?format=api", "purl": "pkg:generic/postgresql@15.14.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/126?format=api", "purl": "pkg:generic/postgresql@16.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/125?format=api", "purl": "pkg:generic/postgresql@17.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.6.0" } ], "aliases": [ "CVE-2025-8714" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5sa-959y-6fh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3511?format=api", "vulnerability_id": "VCID-j4cc-p1t3-tydy", "summary": "PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQLmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0985.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73323", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73188", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73163", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73199", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73212", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73237", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73218", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73255", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73264", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73297", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00774", "scoring_system": "epss", "scoring_elements": "0.73676", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00774", "scoring_system": "epss", "scoring_elements": "0.73634", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00774", "scoring_system": "epss", "scoring_elements": "0.73675", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00774", "scoring_system": "epss", "scoring_elements": "0.73667", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0985" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-162-156-1411-1314-and-1218-released-2807/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-162-156-1411-1314-and-1218-released-2807/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-0985/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H']" }, { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-16T05:00:50Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-0985/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263384", "reference_id": "2263384", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263384" }, { "reference_url": "https://security.gentoo.org/glsa/202408-06", "reference_id": "GLSA-202408-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-16T05:00:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00017.html" }, { "reference_url": "https://saites.dev/projects/personal/postgres-cve-2024-0985/", "reference_id": "postgres-cve-2024-0985", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-16T05:00:50Z/" } ], "url": "https://saites.dev/projects/personal/postgres-cve-2024-0985/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0950", "reference_id": "RHSA-2024:0950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0951", "reference_id": "RHSA-2024:0951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0951" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0956", "reference_id": "RHSA-2024:0956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0973", "reference_id": "RHSA-2024:0973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0973" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0974", "reference_id": "RHSA-2024:0974", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0975", "reference_id": "RHSA-2024:0975", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0988", "reference_id": "RHSA-2024:0988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0990", "reference_id": "RHSA-2024:0990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0992", "reference_id": "RHSA-2024:0992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1017", "reference_id": "RHSA-2024:1017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1069", "reference_id": "RHSA-2024:1069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1070", "reference_id": "RHSA-2024:1070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1071", "reference_id": "RHSA-2024:1071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1195", "reference_id": "RHSA-2024:1195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1240", "reference_id": "RHSA-2024:1240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1241", "reference_id": "RHSA-2024:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1314", "reference_id": "RHSA-2024:1314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1315", "reference_id": "RHSA-2024:1315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1348", "reference_id": "RHSA-2024:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1422", "reference_id": "RHSA-2024:1422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1426", "reference_id": "RHSA-2024:1426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1428", "reference_id": "RHSA-2024:1428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1429", "reference_id": "RHSA-2024:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1437", "reference_id": "RHSA-2024:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1437" }, { "reference_url": "https://usn.ubuntu.com/6656-1/", "reference_id": "USN-6656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6656-1/" }, { "reference_url": "https://usn.ubuntu.com/6656-2/", "reference_id": "USN-6656-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6656-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/148?format=api", "purl": "pkg:generic/postgresql@15.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/147?format=api", "purl": "pkg:generic/postgresql@16.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.2.0" } ], "aliases": [ "CVE-2024-0985" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4cc-p1t3-tydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3498?format=api", "vulnerability_id": "VCID-kfy3-jgjm-myge", "summary": "PostgreSQL libpq undersizes allocations, via integer wraparoundmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12818.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12416", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12305", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12405", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12445", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14891", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14947", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1495", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14893", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14765", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26773", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26557", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12818" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12818" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-12818/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H']" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T13:59:26Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-12818/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414826", "reference_id": "2414826", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22728", "reference_id": "RHSA-2025:22728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23022", "reference_id": "RHSA-2025:23022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23023", "reference_id": "RHSA-2025:23023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23123", "reference_id": "RHSA-2025:23123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23124", "reference_id": "RHSA-2025:23124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23157", "reference_id": "RHSA-2025:23157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23158", "reference_id": "RHSA-2025:23158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0262", "reference_id": "RHSA-2026:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0263", "reference_id": "RHSA-2026:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0264", "reference_id": "RHSA-2026:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0265", "reference_id": "RHSA-2026:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0266", "reference_id": "RHSA-2026:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0267", "reference_id": "RHSA-2026:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0268", "reference_id": "RHSA-2026:0268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0269", "reference_id": "RHSA-2026:0269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0270", "reference_id": "RHSA-2026:0270", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0270" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0455", "reference_id": "RHSA-2026:0455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0456", "reference_id": "RHSA-2026:0456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0458", "reference_id": "RHSA-2026:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0491", "reference_id": "RHSA-2026:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0492", "reference_id": "RHSA-2026:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0493", "reference_id": "RHSA-2026:0493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0519", "reference_id": "RHSA-2026:0519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0523", "reference_id": "RHSA-2026:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0524", "reference_id": "RHSA-2026:0524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0525", "reference_id": "RHSA-2026:0525", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0594", "reference_id": "RHSA-2026:0594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0695", "reference_id": "RHSA-2026:0695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0744", "reference_id": "RHSA-2026:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0745", "reference_id": "RHSA-2026:0745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0746", "reference_id": "RHSA-2026:0746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0835", "reference_id": "RHSA-2026:0835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0865", "reference_id": "RHSA-2026:0865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/7908-1/", "reference_id": "USN-7908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7908-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/123?format=api", "purl": "pkg:generic/postgresql@15.15.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.15.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/122?format=api", "purl": "pkg:generic/postgresql@16.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/121?format=api", "purl": "pkg:generic/postgresql@17.7.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/120?format=api", "purl": "pkg:generic/postgresql@18.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.1.0" } ], "aliases": [ "CVE-2025-12818" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfy3-jgjm-myge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3504?format=api", "vulnerability_id": "VCID-mxct-582s-pfad", "summary": "PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validationmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1094.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.82364", "scoring_system": "epss", "scoring_elements": "0.99236", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.82593", "scoring_system": "epss", "scoring_elements": "0.99243", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99261", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.9926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99262", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99263", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.83144", "scoring_system": "epss", "scoring_elements": "0.99264", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.83359", "scoring_system": "epss", "scoring_elements": "0.99267", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.83359", "scoring_system": "epss", "scoring_elements": "0.99277", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.83359", "scoring_system": "epss", "scoring_elements": "0.99276", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-173-167-1511-1416-and-1319-released-3015/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-173-167-1511-1416-and-1319-released-3015/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-1094/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:18:35Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-1094/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345548", "reference_id": "2345548", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1720", "reference_id": "RHSA-2025:1720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1721", "reference_id": "RHSA-2025:1721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1722", "reference_id": "RHSA-2025:1722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1723", "reference_id": "RHSA-2025:1723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1724", "reference_id": "RHSA-2025:1724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1725", "reference_id": "RHSA-2025:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1726", "reference_id": "RHSA-2025:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1727", "reference_id": "RHSA-2025:1727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1728", "reference_id": "RHSA-2025:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1729", "reference_id": "RHSA-2025:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1730", "reference_id": "RHSA-2025:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1731", "reference_id": "RHSA-2025:1731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1732", "reference_id": "RHSA-2025:1732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1733", "reference_id": "RHSA-2025:1733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1735", "reference_id": "RHSA-2025:1735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1736", "reference_id": "RHSA-2025:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1737", "reference_id": "RHSA-2025:1737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1738", "reference_id": "RHSA-2025:1738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1739", "reference_id": "RHSA-2025:1739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1740", "reference_id": "RHSA-2025:1740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1741", "reference_id": "RHSA-2025:1741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1742", "reference_id": "RHSA-2025:1742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1743", "reference_id": "RHSA-2025:1743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1744", "reference_id": "RHSA-2025:1744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1745", "reference_id": "RHSA-2025:1745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3050", "reference_id": "RHSA-2025:3050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3062", "reference_id": "RHSA-2025:3062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3063", "reference_id": "RHSA-2025:3063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3064", "reference_id": "RHSA-2025:3064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3082", "reference_id": "RHSA-2025:3082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3978", "reference_id": "RHSA-2025:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3978" }, { "reference_url": "https://usn.ubuntu.com/7315-1/", "reference_id": "USN-7315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7315-1/" }, { "reference_url": "https://usn.ubuntu.com/7315-2/", "reference_id": "USN-7315-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7315-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/135?format=api", "purl": "pkg:generic/postgresql@15.11.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/134?format=api", "purl": "pkg:generic/postgresql@16.7.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133?format=api", "purl": "pkg:generic/postgresql@17.3.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.3.0" } ], "aliases": [ "CVE-2025-1094" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxct-582s-pfad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3514?format=api", "vulnerability_id": "VCID-nwfr-t7xn-zuae", "summary": "Role \"pg_signal_backend\" can signal certain superuser processesmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5870.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5870.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5870", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.7002", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70113", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70123", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70102", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70153", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.7016", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70161", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70136", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70178", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70035", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70011", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70059", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70075", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70098", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.70083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00621", "scoring_system": "epss", "scoring_elements": "0.7007", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-5870/", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L']" }, { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-5870/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056283", "reference_id": "1056283", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170", "reference_id": "2247170", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3.74::el8", "reference_id": "cpe:/a:redhat:advanced_cluster_security:3.74::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3.74::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.1::el8", "reference_id": "cpe:/a:redhat:advanced_cluster_security:4.1::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.1::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.2::el8", "reference_id": "cpe:/a:redhat:advanced_cluster_security:4.2::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.2::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3", "reference_id": "cpe:/a:redhat:rhel_software_collections:3", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3::el7", "reference_id": "cpe:/a:redhat:rhel_software_collections:3::el7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3::el7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-5870", "reference_id": "CVE-2023-5870", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-5870" }, { "reference_url": "https://security.gentoo.org/glsa/202408-06", "reference_id": "GLSA-202408-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7545", "reference_id": "RHSA-2023:7545", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7579", "reference_id": "RHSA-2023:7579", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7580", "reference_id": "RHSA-2023:7580", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7581", "reference_id": "RHSA-2023:7581", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7616", "reference_id": "RHSA-2023:7616", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7656", "reference_id": "RHSA-2023:7656", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7666", "reference_id": "RHSA-2023:7666", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7667", "reference_id": "RHSA-2023:7667", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7694", "reference_id": "RHSA-2023:7694", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7695", "reference_id": "RHSA-2023:7695", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7714", "reference_id": "RHSA-2023:7714", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7770", "reference_id": "RHSA-2023:7770", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7772", "reference_id": "RHSA-2023:7772", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7784", "reference_id": "RHSA-2023:7784", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7785", "reference_id": "RHSA-2023:7785", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7883", "reference_id": "RHSA-2023:7883", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7884", "reference_id": "RHSA-2023:7884", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7885", "reference_id": "RHSA-2023:7885", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0304", "reference_id": "RHSA-2024:0304", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0332", "reference_id": "RHSA-2024:0332", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0337", "reference_id": "RHSA-2024:0337", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-19T19:42:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "reference_url": "https://usn.ubuntu.com/6538-1/", "reference_id": "USN-6538-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6538-1/" }, { "reference_url": "https://usn.ubuntu.com/6538-2/", "reference_id": "USN-6538-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6538-2/" }, { "reference_url": "https://usn.ubuntu.com/6570-1/", "reference_id": "USN-6570-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6570-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153?format=api", "purl": "pkg:generic/postgresql@15.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/152?format=api", "purl": "pkg:generic/postgresql@16.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.1.0" } ], "aliases": [ "CVE-2023-5870" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwfr-t7xn-zuae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3516?format=api", "vulnerability_id": "VCID-q5z4-wv12-1fh7", "summary": "Memory disclosure in aggregate function callsmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.86015", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85973", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85992", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85874", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85891", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85894", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85913", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85923", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85937", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85935", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.8593", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85949", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85952", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85943", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85963", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02718", "scoring_system": "epss", "scoring_elements": "0.85972", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-5868/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N']" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-5868/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056283", "reference_id": "1056283", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168", "reference_id": "2247168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168" }, { "reference_url": "https://security.gentoo.org/glsa/202408-06", "reference_id": "GLSA-202408-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7545", "reference_id": "RHSA-2023:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7579", "reference_id": "RHSA-2023:7579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7580", "reference_id": "RHSA-2023:7580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7581", "reference_id": "RHSA-2023:7581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7616", "reference_id": "RHSA-2023:7616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7656", "reference_id": "RHSA-2023:7656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7666", "reference_id": "RHSA-2023:7666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7667", "reference_id": "RHSA-2023:7667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7694", "reference_id": "RHSA-2023:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7695", "reference_id": "RHSA-2023:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7714", "reference_id": "RHSA-2023:7714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7770", "reference_id": "RHSA-2023:7770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7772", "reference_id": "RHSA-2023:7772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7784", "reference_id": "RHSA-2023:7784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7785", "reference_id": "RHSA-2023:7785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7883", "reference_id": "RHSA-2023:7883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7884", "reference_id": "RHSA-2023:7884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7885", "reference_id": "RHSA-2023:7885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0304", "reference_id": "RHSA-2024:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0332", "reference_id": "RHSA-2024:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0337", "reference_id": "RHSA-2024:0337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "reference_url": "https://usn.ubuntu.com/6538-1/", "reference_id": "USN-6538-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6538-1/" }, { "reference_url": "https://usn.ubuntu.com/6538-2/", "reference_id": "USN-6538-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6538-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153?format=api", "purl": "pkg:generic/postgresql@15.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/152?format=api", "purl": "pkg:generic/postgresql@16.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.1.0" } ], "aliases": [ "CVE-2023-5868" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5z4-wv12-1fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3508?format=api", "vulnerability_id": "VCID-rac3-kfb9-efgf", "summary": "PostgreSQL row security below e.g. subqueries disregards user ID changesmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78148", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.7799", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78017", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78021", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78048", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.7803", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78028", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78063", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.78062", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01099", "scoring_system": "epss", "scoring_elements": "0.77979", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78366", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78372", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78389", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01129", "scoring_system": "epss", "scoring_elements": "0.78333", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10976" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10976/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N']" }, { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:41Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10976/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326263", "reference_id": "2326263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326263" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10785", "reference_id": "RHSA-2024:10785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10787", "reference_id": "RHSA-2024:10787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10788", "reference_id": "RHSA-2024:10788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10791", "reference_id": "RHSA-2024:10791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10830", "reference_id": "RHSA-2024:10830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10831", "reference_id": "RHSA-2024:10831", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10832", "reference_id": "RHSA-2024:10832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10832" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/139?format=api", "purl": "pkg:generic/postgresql@15.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/138?format=api", "purl": "pkg:generic/postgresql@16.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10976" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rac3-kfb9-efgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3519?format=api", "vulnerability_id": "VCID-u751-gq61-fbge", "summary": "Client memory disclosure when connecting, with Kerberos, to modified servermore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41862.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.5502", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55081", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55119", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55122", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55102", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55036", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55055", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55029", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54979", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55056", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55107", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55106", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55118", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55098", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41862" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-152-147-1310-1214-and-1119-released-2592/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-152-147-1310-1214-and-1119-released-2592/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2022-41862/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N']" }, { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T16:02:06Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2022-41862/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165722", "reference_id": "2165722", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T16:02:06Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165722" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0002/", "reference_id": "ntap-20230427-0002", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T16:02:06Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1576", "reference_id": "RHSA-2023:1576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1693", "reference_id": "RHSA-2023:1693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4535", "reference_id": "RHSA-2023:4535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6429", "reference_id": "RHSA-2023:6429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7016", "reference_id": "RHSA-2023:7016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7545", "reference_id": "RHSA-2023:7545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7580", "reference_id": "RHSA-2023:7580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7666", "reference_id": "RHSA-2023:7666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7667", "reference_id": "RHSA-2023:7667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7694", "reference_id": "RHSA-2023:7694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7695", "reference_id": "RHSA-2023:7695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7772", "reference_id": "RHSA-2023:7772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "reference_url": "https://usn.ubuntu.com/5906-1/", "reference_id": "USN-5906-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5906-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/157?format=api", "purl": "pkg:generic/postgresql@15.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.2.0" } ], "aliases": [ "CVE-2022-41862" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u751-gq61-fbge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3496?format=api", "vulnerability_id": "VCID-ucu8-nb95-hfca", "summary": "PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2004.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2004.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14715", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14921", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14707", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1481", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14998", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14802", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18379", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18483", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.1847", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18428", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18294", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.1859", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2004" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2026-2004/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T04:56:33Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2026-2004/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439325", "reference_id": "2439325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3730", "reference_id": "RHSA-2026:3730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3887", "reference_id": "RHSA-2026:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3896", "reference_id": "RHSA-2026:3896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4024", "reference_id": "RHSA-2026:4024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4059", "reference_id": "RHSA-2026:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4063", "reference_id": "RHSA-2026:4063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4064", "reference_id": "RHSA-2026:4064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4074", "reference_id": "RHSA-2026:4074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4075", "reference_id": "RHSA-2026:4075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4110", "reference_id": "RHSA-2026:4110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4254", "reference_id": "RHSA-2026:4254", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4254" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4441", "reference_id": "RHSA-2026:4441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4475", "reference_id": "RHSA-2026:4475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4504", "reference_id": "RHSA-2026:4504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4505", "reference_id": "RHSA-2026:4505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4506", "reference_id": "RHSA-2026:4506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4509", "reference_id": "RHSA-2026:4509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4515", "reference_id": "RHSA-2026:4515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4516", "reference_id": "RHSA-2026:4516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4518", "reference_id": "RHSA-2026:4518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4524", "reference_id": "RHSA-2026:4524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4528", "reference_id": "RHSA-2026:4528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4544", "reference_id": "RHSA-2026:4544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4546", "reference_id": "RHSA-2026:4546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4547", "reference_id": "RHSA-2026:4547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4548", "reference_id": "RHSA-2026:4548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8756", "reference_id": "RHSA-2026:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8756" }, { "reference_url": "https://usn.ubuntu.com/8072-1/", "reference_id": "USN-8072-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8072-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/118?format=api", "purl": "pkg:generic/postgresql@15.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.16.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/117?format=api", "purl": "pkg:generic/postgresql@16.12.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/116?format=api", "purl": "pkg:generic/postgresql@17.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111?format=api", "purl": "pkg:generic/postgresql@18.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@18.2.0" } ], "aliases": [ "CVE-2026-2004" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucu8-nb95-hfca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3500?format=api", "vulnerability_id": "VCID-wetm-n31c-e3as", "summary": "PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target servermore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1498", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15174", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.14971", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15262", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15065", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15154", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15205", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16627", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16767", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16662", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16674", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21244", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21177", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8715" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2025-8715/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-15T03:55:57Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2025-8715/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388551", "reference_id": "2388551", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14826", "reference_id": "RHSA-2025:14826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14827", "reference_id": "RHSA-2025:14827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14862", "reference_id": "RHSA-2025:14862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14869", "reference_id": "RHSA-2025:14869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14870", "reference_id": "RHSA-2025:14870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14878", "reference_id": "RHSA-2025:14878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14899", "reference_id": "RHSA-2025:14899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15006", "reference_id": "RHSA-2025:15006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15012", "reference_id": "RHSA-2025:15012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15013", "reference_id": "RHSA-2025:15013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15014", "reference_id": "RHSA-2025:15014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15015", "reference_id": "RHSA-2025:15015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15021", "reference_id": "RHSA-2025:15021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15022", "reference_id": "RHSA-2025:15022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15031", "reference_id": "RHSA-2025:15031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15034", "reference_id": "RHSA-2025:15034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15057", "reference_id": "RHSA-2025:15057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15062", "reference_id": "RHSA-2025:15062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15114", "reference_id": "RHSA-2025:15114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15115", "reference_id": "RHSA-2025:15115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15359", "reference_id": "RHSA-2025:15359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15361", "reference_id": "RHSA-2025:15361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15361" }, { "reference_url": "https://usn.ubuntu.com/7741-1/", "reference_id": "USN-7741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/127?format=api", "purl": "pkg:generic/postgresql@15.14.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/126?format=api", "purl": "pkg:generic/postgresql@16.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/125?format=api", "purl": "pkg:generic/postgresql@17.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.6.0" } ], "aliases": [ "CVE-2025-8715" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wetm-n31c-e3as" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3505?format=api", "vulnerability_id": "VCID-wxxg-2f53-w3ey", "summary": "PostgreSQL PL/Perl environment variable changes execute arbitrary codemore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10979.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91429", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91402", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.914", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91399", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91413", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91332", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91351", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91358", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91365", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.91392", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06857", "scoring_system": "epss", "scoring_elements": "0.9139", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10979" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2024-10979/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-14T14:32:36Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2024-10979/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326253", "reference_id": "2326253", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326253" }, { "reference_url": "https://security.gentoo.org/glsa/202412-12", "reference_id": "GLSA-202412-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10593", "reference_id": "RHSA-2024:10593", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10593" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10595", "reference_id": "RHSA-2024:10595", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10595" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10677", "reference_id": "RHSA-2024:10677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10705", "reference_id": "RHSA-2024:10705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10736", "reference_id": "RHSA-2024:10736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10739", "reference_id": "RHSA-2024:10739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10750", "reference_id": "RHSA-2024:10750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10785", "reference_id": "RHSA-2024:10785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10787", "reference_id": "RHSA-2024:10787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10788", "reference_id": "RHSA-2024:10788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10789", "reference_id": "RHSA-2024:10789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10791", "reference_id": "RHSA-2024:10791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10800", "reference_id": "RHSA-2024:10800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10807", "reference_id": "RHSA-2024:10807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10827", "reference_id": "RHSA-2024:10827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10830", "reference_id": "RHSA-2024:10830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10831", "reference_id": "RHSA-2024:10831", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10832", "reference_id": "RHSA-2024:10832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10846", "reference_id": "RHSA-2024:10846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10851", "reference_id": "RHSA-2024:10851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10879", "reference_id": "RHSA-2024:10879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10882", "reference_id": "RHSA-2024:10882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10882" }, { "reference_url": "https://usn.ubuntu.com/7132-1/", "reference_id": "USN-7132-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7132-1/" }, { "reference_url": "https://usn.ubuntu.com/7358-1/", "reference_id": "USN-7358-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7358-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/139?format=api", "purl": "pkg:generic/postgresql@15.9.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/138?format=api", "purl": "pkg:generic/postgresql@16.5.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@16.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/137?format=api", "purl": "pkg:generic/postgresql@17.1.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@17.1.0" } ], "aliases": [ "CVE-2024-10979" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxxg-2f53-w3ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3513?format=api", "vulnerability_id": "VCID-y871-sfhf-a7by", "summary": "Extension script @substitutions@ within quoting allow SQL injectionmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39417.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71012", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71005", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71047", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71062", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.7107", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71053", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71107", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71139", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.71177", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00659", "scoring_system": "epss", "scoring_elements": "0.7103", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71572", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71579", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71584", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71521", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5870" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-39417/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-39417/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111", "reference_id": "2228111", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3.74::el8", "reference_id": "cpe:/a:redhat:advanced_cluster_security:3.74::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3.74::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.1::el8", "reference_id": "cpe:/a:redhat:advanced_cluster_security:4.1::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.1::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.2::el8", "reference_id": "cpe:/a:redhat:advanced_cluster_security:4.2::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.2::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3", "reference_id": "cpe:/a:redhat:rhel_software_collections:3", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3::el7", "reference_id": "cpe:/a:redhat:rhel_software_collections:3::el7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3::el7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-39417", "reference_id": "CVE-2023-39417", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-39417" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2023-39417", "reference_id": "CVE-2023-39417", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://www.postgresql.org/support/security/CVE-2023-39417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7545", "reference_id": "RHSA-2023:7545", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7579", "reference_id": "RHSA-2023:7579", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7580", "reference_id": "RHSA-2023:7580", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7581", "reference_id": "RHSA-2023:7581", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7616", "reference_id": "RHSA-2023:7616", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7656", "reference_id": "RHSA-2023:7656", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7666", "reference_id": "RHSA-2023:7666", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7667", "reference_id": "RHSA-2023:7667", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7694", "reference_id": "RHSA-2023:7694", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7695", "reference_id": "RHSA-2023:7695", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7714", "reference_id": "RHSA-2023:7714", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7770", "reference_id": "RHSA-2023:7770", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7772", "reference_id": "RHSA-2023:7772", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7784", "reference_id": "RHSA-2023:7784", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7785", "reference_id": "RHSA-2023:7785", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7883", "reference_id": "RHSA-2023:7883", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7884", "reference_id": "RHSA-2023:7884", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7885", "reference_id": "RHSA-2023:7885", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0304", "reference_id": "RHSA-2024:0304", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0332", "reference_id": "RHSA-2024:0332", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0337", "reference_id": "RHSA-2024:0337", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-09T13:38:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0337" }, { "reference_url": "https://usn.ubuntu.com/6296-1/", "reference_id": "USN-6296-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6296-1/" }, { "reference_url": "https://usn.ubuntu.com/6366-1/", "reference_id": "USN-6366-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6366-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/150?format=api", "purl": "pkg:generic/postgresql@15.4.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.4.0" } ], "aliases": [ "CVE-2023-39417" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y871-sfhf-a7by" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@15.0.0" }